Vitalik's speech: Improving resistance to quantum computing and copying Ethereum's L2 is meaningless

Written by: Jian Yike

On April 20th, the 2026 Hong Kong Web3 Carnival grandly opened at the Hong Kong Convention and Exhibition Centre. Ethereum co-founder Vitalik Buterin delivered the keynote speech, deeply analyzing Ethereum’s ultimate vision as the “world computer” and the hardcore roadmap for the next five years. Here is the full transcript of the speech:

Good morning everyone! Where is the Ethereum protocol headed? I believe that over the past few years, we have seen many significant changes in both theory and ecosystem development. At the same time, we have also witnessed numerous transformations outside the Ethereum ecosystem, including the limitless possibilities brought by artificial intelligence, the potential rapid realization of quantum computing, and advances in formal verification, cryptography, zero-knowledge proofs, and more.

I think one of the important things we’ve been doing is rethinking what truly matters: what is the significance of using Ethereum? Why Ethereum? What features does it have? What makes a decentralized network require these features?

For example, how can we integrate these new technologies into the Ethereum protocols we’ve previously written and into the plans for the next five years? What exactly is Ethereum used for? I believe it has two main functions:

First, Ethereum is like a public bulletin board. It’s a place where applications can publish messages, and everyone can see the content and order of these messages. These messages can be anything: transactions, hashes, encrypted data, or many other things. In fact, there are many opportunities for applications to use Ethereum as a data publishing platform, while leveraging other types of protocols to interpret these data (i.e., decrypt data and perform computations on it).

Second, it’s a computer. Essentially, Ethereum allows you to have shared digital objects controlled by code. These digital objects can be many things: assets, ERC-20 tokens, NFTs, with meanings beyond theory (ENS is an example), and even control rights over organizations (DAO is an example). You can do many things with them, making both functions highly valuable. For decentralized applications, Ethereum can ensure autonomous security, verifiability, fair participation, and bring together all users.

“Self-sovereignty” essentially means that as a user, you can participate, verify, and ensure your own security, all based on your own infrastructure. You don’t need to trust any third party to run Ethereum, and if you prefer, you don’t need to trust anyone outside Ethereum either.

Therefore, verifiability and the ability to validate ensure that the chain operates correctly and that everything that happens is legitimate. It also guarantees the rights of individuals and the right to publish information, which can be posted on the bulletin board. So this is core—we should see Ethereum as a technical module and consider all applications that this foundational technology can support. The most interesting applications will be products combining on-chain and off-chain elements. This includes ENS, prediction markets, and more. Prediction markets have on-chain components (creating assets for each event that can be traded) and off-chain components (such as oracles). Sometimes, the design or trade order matching occurs on-chain, and there are also privacy-related aspects involved.

For example, cryptographic protocols have been studied for decades to simplify or realize secure electronic voting. Many such protocols rely on public bulletin boards where information can be published. In these cases, they are encrypted ballots, ensuring everyone can participate. Any privacy-related matter must include an on-chain component (for publishing data) and an off-chain component (for interpreting data).

If data is to be interpreted, it must be done off-chain through a private protocol. So, we’ve discussed a lot about Layer 2 (L2). In my view, determining which types of L2 are meaningful first requires understanding which are not: if you just copy Ethereum, amplify it 100 times, and make it more centralized, that’s pointless. I believe truly meaningful L2 solutions start by examining various applications, asking what off-chain components they need, beyond L1. Then, you build those components.

What does this mean for Ethereum? We need to scale data capacity—we need the ability to publish more data on-chain. The recent hard fork introduced PeerDAS, which includes this capability, but we still need to push further. Scaling computational power is also crucial because, as part of the Ethereum chain, increasing computational capacity helps different applications connect and communicate without intermediaries.

If you visit the roadmap.org website, you can find a roadmap designed for the next five years. The protocol’s core short-term goals are: first, scaling capacity by actively increasing the Gas limit; second, launching zkEVM. zkEVM allows Ethereum to expand further, enabling more complex computations while still making on-chain information easy to verify. There’s also early preparation for the post-quantum era. We’ve been thinking about quantum computing for years, recognizing it as a potential threat, and have taken some measures. Soon, in the short term, we will improve Ethereum’s quantum resistance and refine the entire roadmap.

For example, in the end, all parts of Ethereum will be fully quantum-resistant and highly efficient. We will also improve block construction processes and strengthen privacy support. Therefore, many EIP proposals for short-term scaling will be applied in the next phase, such as Block Access List (which enables parallelization); re-pricing Gas to improve efficiency and make increasing the Gas limit safer.

ePBS (Proposer and Builder Separation) makes it safer for Ethereum blocks to take longer to verify and improves the node’s ability to download state. Another example is EIP-8141 (Account Abstraction proposal), which is simple yet powerful. Essentially, a transaction is a series of calls, where one call might be verification, and another might be execution. This allows Ethereum to easily support native smart contract wallets, for pay-per-transaction, quantum-resistant signatures, and privacy protocols.

This broadens Ethereum’s use cases, supporting many functionalities. Quantum-resistant signature algorithms have existed for 20 years; we know what they are and how to build them. The problem is their efficiency—current quantum-resistant signatures occupy 2000-3000 bytes, while existing signatures are only 64 bytes; they also require 200k Gas on-chain, compared to just 3,000 Gas now. We can use two types of signatures: hash-based and lattice-based. Our plan is to add vectorization to these, integrating them into the EVM, similar to how computers rapidly run AI. We are actively working to make signatures resistant to quantum attacks and more efficient.

Scaling state storage, account balances, and smart contract execution is relatively straightforward, but storage scaling is more challenging, and there’s much work to do in this area.

So, these are the short-term and long-term plans, and the true direction we want Ethereum to develop. Ethereum is not competing with high-frequency trading platforms; it’s not aiming to be the fastest chain. Ethereum aims to be a secure, decentralized chain—one that stays online continuously and that you can always rely on. One goal is to maximize secure consensus, meaning if the network is secure enough to withstand 49% node failures, and can even handle nearly all nodes going offline, it has properties similar to Bitcoin. If issues arise, you still maintain about 33% security certainty. That’s the first part.

The second part involves formal verification of everything. We’ve already begun actively applying AI to generate code proofs, verifying that the software versions running Ethereum truly have their intended properties. We’ve made progress—something that was impossible two years ago. AI is advancing rapidly, and we’re leveraging this to pursue extreme simplicity, keeping long-term protocols as straightforward as possible, and preparing for the future.

Therefore, a network needs offline testing. If a network is to be applied, you should be able to rely on it even without power. This is the same principle Bitcoin pursues. If you want to be a long-term holder, you need to ensure your digital assets’ security over time—you need something that can continuously guarantee safety, independent of any team’s ongoing existence or work. Ethereum’s consensus combines the advantages of both methods: Bitcoin’s longest chain rule and BFT (Byzantine Fault Tolerance). This provides ultimate finality, with optimal security features, quantum resistance, and rapid finality.

Finality is achieved within one to three block slots, with the chain expected to reach finality in about 10-20 seconds, or even less. zkVM allows you to verify the chain without relying on large computers running all operations. Everyone should verify the chain—before trusting it, even your phone or IoT devices should verify the chain. The zero-knowledge virtual machine zkVM is already fast enough to prove real-time VM execution. This year, the goal is to make it sufficiently secure, starting with a small proportion of the network using zkVM, then gradually increasing that proportion. By 2028, this will enable scaling to handle more transactions without sacrificing decentralization.

What is the vision behind all these developments? Ethereum is the world computer. It’s a global shared layer for making commitments, publishing data, and recording actions; a platform for data publication where you can prove data has been published or not, accessible to everyone; and a global shared layer to ensure the execution of high-value rules. Ethereum needs maximum robustness and should be extremely easy to verify. I believe that in the future, with AI, it will become even easier—much simpler than we imagine—to truly ensure software security.

If you want to guarantee software security but people are unwilling to do so, software vulnerabilities could increase tenfold, and attacks could become ten times more frequent. Therefore, as a blockchain, Ethereum must first ensure security, then decentralization. When these conditions are met, it should provide this security to users as much as possible. So, if you aim to build decentralized applications, ensuring self-sovereignty, security, verifiability, and user participation—including finance, decentralized social, identity, and some financial and non-financial applications (like ENS, prediction markets)—these cover many areas. Ethereum makes application development easier, and that is the core goal.

The roadmap for the next four years is precisely designed around this vision. Thank you!